similar to: [Bug 3207] New: Match blocks ignored in files processed by Include

Displaying 20 results from an estimated 10000 matches similar to: "[Bug 3207] New: Match blocks ignored in files processed by Include"

2014 Sep 24
11
[Bug 2282] New: When group member count exceeds 126, config reliant fails
https://bugzilla.mindrot.org/show_bug.cgi?id=2282 Bug ID: 2282 Summary: When group member count exceeds 126, config reliant fails Product: Portable OpenSSH Version: 5.3p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sftp-server
2009 Jan 09
1
setting umask for internal-sftp users
I'm running OpenSSH 5.1p1 on openSUSE 10.3 (i586) and I want to setup chroot jails for certain SFTP-only users. I use the following lines in my sshd_config file: Match Group sftponly ChrootDirectory /home/chroot-%u ForceCommand internal-sftp It works great. The problem is that some of my users need umask 002 for their uploads. I tried a few ways to achieve this: * set umask in sshrc,
2010 Feb 10
1
Syslog for chroot-jailed SFTP users?
Maybe one of you can help. We have set up a CentOS server so that each user who logs in via sftp will be jailed in their home directory. Here's the relevant sshd_config: # override default of no subsystems Subsystem sftp internal-sftp -f LOCAL2 -l INFO Match Group sftponly ChrootDirectory /home/%u ForceCommand internal-sftp This actually works great, but none of
2009 Jun 12
0
can you stop the trouble with file masks and default permissions?
Hello! Please take a look at this problem: 1. at sshd_config: Subsystem sftp internal-sftp Match group sftponly ? ? ? ? ?ChrootDirectory /public ? ? ? ? ?X11Forwarding no ? ? ? ? ?AllowTcpForwarding no ? ? ? ? ?ForceCommand internal-sftp 2. at client's bash: sshfs server:/ /home/kr/krpub-mount -o uid=$(id -u kr) -o gid=$(id -g kr) -o allow_other -o default_permissions -o reconnect -o
2009 Jun 30
5
[Bug 1616] New: root owned empty subdirs are deletable by chroot users
https://bugzilla.mindrot.org/show_bug.cgi?id=1616 Summary: root owned empty subdirs are deletable by chroot users Product: Portable OpenSSH Version: 5.2p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: unassigned-bugs at mindrot.org
2010 Jul 10
1
internal-sftp and logging not working with Fedora and chroot using 5.5?
Hope ya'all can help! Been reading and reading, and adjusting... to no avail. We need to have chroot'd SFTP activities logged on a file server and for whatever reason, I simply cannot get it to log with users that are chroot'd (this is necessary for auditing and HIPAA - so it is pretty important) I have tried with Fedora 11/12 and even an older Fedora 8 server, the same results: 1.
2011 Nov 18
4
[Bug 1951] New: Add home directory facility for chrooted environments
https://bugzilla.mindrot.org/show_bug.cgi?id=1951 Bug #: 1951 Summary: Add home directory facility for chrooted environments Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd
2009 Jun 13
0
openssh sftp chroot /bin/false
hi! i need ssh users and sftp users on my server. they don't mix so sftp users have a /bin/false as their shell. however when i try a ssh connect to such a user. he does not get disconnected but hangs forever. can it be that sshd searches foer /bin/false in the chroot environment? but i tried to place it there including ldd requirements. no success. i just want sftp users to get no shell
2010 Nov 04
0
SFTP subsystem and explicit file permissions
Hello again, Now that umask is working (thanks very much!) I have found that I would like to see more control over sftp-server/internal-sftp file permissions. Given that previous patches (sftp file control comes to mind) were produced indicates there are other users that would also like more control over file permissions. My solution was to add yet another option to sftp-server/internal-sftp
2013 Jan 18
1
sftp does not allow rename across file system
Hello: I got the error EXDEV (Invalid cross-device link) when renaming one file to another directory that is actually mounting another file system. I am using SSH-2.0-OpenSSH_6 with standard SFTP setup as below Subsystem sftp internal-sftp Match group sftponly ChrootDirectory /home/sftp/%u X11Forwarding no AllowTcpForwarding no ForceCommand
2010 Jul 14
1
SFTP Chroot
HI: I tried to deploy a SFTP server with chroot but when i tried to connnect the client send the next error: Write failed: Broken pipe Couldn't read packet: Connection reset by peer The sshd_conf file is the next: ------------------------------------------------------------------- # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and
2008 Sep 23
3
[Bug 1527] New: ForceCommand internal-sftp needs a way to enable logging
https://bugzilla.mindrot.org/show_bug.cgi?id=1527 Summary: ForceCommand internal-sftp needs a way to enable logging Product: Portable OpenSSH Version: 5.1p1 Platform: Itanium2 OS/Version: HP-UX Status: NEW Severity: minor Priority: P4 Component: sftp-server AssignedTo:
2009 Mar 13
0
winbind cache seems to change the group membership of a user
Hi, I'm using the "ChrootDirectory" option for the sshd daemon to jail my ssh users. Additionally, I'm using the "Match group" option to only jail people belonging to a specific active directory group. Here are the relevant lines of the sshd_config file: LogLevel Debug3 Subsystem sftp internal-sftp Match group sftpusers ChrootDirectory /my/chroot/home ForceCommand
2023 Mar 30
3
sftp and utmp
Hi, We need to limit concurrent sftp logins to one per user (because of bad client behaviour). Is there any way to achieve this I have overlooked? It seems it could be possible with pam_limits, if sftp sessions were recorded in utmp (a guess from what I found googling around). If I configure /etc/security/limits.conf with testuser hard maxlogins 1 and connect with ssh, and try a second
2023 Mar 31
2
sftp and utmp
hvjunk wrote this message on Thu, Mar 30, 2023 at 23:12 +0200: > I've been battling similar issues, and the only methods I've found (with sftp) was to use > software like pureftd or crushftp (using crushftp lately as production) that does handle these > issues "out of the box" > Other than that, I'd expect you'll need to write your own PAM modules to track the
2010 Dec 09
3
[Bug 1844] New: Explicit file permissions enhancement to sftp-server
https://bugzilla.mindrot.org/show_bug.cgi?id=1844 Summary: Explicit file permissions enhancement to sftp-server Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sftp-server AssignedTo: unassigned-bugs at mindrot.org
2023 Apr 03
2
sftp and utmp
Le Friday, 31 March 2023, 17:47:14 EDT John-Mark Gurney a ?crit : > hvjunk wrote this message on Thu, Mar 30, 2023 at 23:12 +0200: > > I've been battling similar issues, and the only methods I've found (with sftp) was to use > > software like pureftd or crushftp (using crushftp lately as production) that does handle these > > issues "out of the box" > >
2009 Nov 23
1
Connection type variable
Hello, I would like to know how would I go about in using a connection type variable with the sshd_config. What would be the consequences,security,problem with doing such a thing. What I would like to accomplish is something like: Match Group Users ChrootDirectory "sftp/ssh" /home/%u ForceCommand "sftp/ssh" internal-sftp AllowTcpForwarding "sftp/ssh" no Where
2023 Jan 27
3
[Bug 3528] New: ls hangs when using ldap groups
https://bugzilla.mindrot.org/show_bug.cgi?id=3528 Bug ID: 3528 Summary: ls hangs when using ldap groups Product: Portable OpenSSH Version: 8.2p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sftp-server Assignee: unassigned-bugs at mindrot.org
2009 Mar 18
4
[Bug 1574] New: trailing white space on Forced Command within ChrootDirectory causes failure
https://bugzilla.mindrot.org/show_bug.cgi?id=1574 Summary: trailing white space on Forced Command within ChrootDirectory causes failure Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: